24 billion threats ran over encrypted channels using SSL such as HTTPS. The attack usually comes from malware that is transported via e-mail or infected websites. In Germany, this type of attack increased by 352 percent compared to 2021.
The annual State of Encrypted Attacks report shows the trends of HTTPS-based attacks based on the analysis of more than 24 billion threats from October 2021 to September 2022. The research is based on insights from more than 300 trillion daily signals and 270 billion daily transactions in the Zscaler Zero Trust Exchange, the world's largest security cloud.
Billions of detected attacks
The report shows that malware remains the top threat to individuals and businesses across nine major industry sectors, with manufacturing, education and healthcare being the most targeted. Encrypted attacks remain a major global problem, with the US, India, and Japan seeing the largest increases in attacks over the past 12 months. Additionally, there was a notable increase in TLS/SSL attacks in South Africa compared to 2021.
Malware is king among cybercriminals
Although cybercriminals hide a variety of attack tactics in encrypted traffic, malware remains the most prevalent. Malicious scripts and payloads used throughout the attack sequence account for nearly 90 percent of encrypted attack tactics blocked in 2022. This category also includes ransomware, which continues to be a major concern for CISOs, with ransomware attacks up 80 percent year-on-year.
As defenses have become more complex, attackers have also expanded their techniques and developed new malware variants that are harder to detect and can evade reputation-based technologies. The most common malware families observed by the ThreatLabZ team abusing encrypted channels include ChromeLoader, Gamaredon, AdLoad, SolarMarker and Manuscrypt.
The usual suspects make way for a newcomer
The top five countries targeted by encrypted attacks include the United States, India, South Africa, the United Kingdom, and Australia. South Africa is a relative newcomer to the list, climbing to the top in 2022 after knocking France out of the top five. In Japan (613%), the USA (155%) and India (87%), the number of targets has also increased significantly compared to the previous year. Attacks in Germany increased by a worrying 352 percent compared to the previous year.
Big risk in production
Not all industries are equally affected by encrypted attacks; organizations using legacy security solutions fall victim to them more often than others. This year, manufacturing saw a 239 percent increase in these types of attacks, overtaking technology as the hardest-hit sector. Manufacturing remains an attractive target for cybercriminals as the industry has undergone major transformations in recent years, including the introduction of new measures to deal with COVID-19 and infrastructure and applications related to supply chain issues.
However, it is precisely this introduction of new applications, products and services that has increased the attack surface of the companies, leaving many of them vulnerable to the exploitation of new vulnerabilities that need to be fixed in the future.
Focus on education sector
The industry with the next-largest increase in attacks was education, up 132 percent year-over-year. Education remains a dominant target for the second year in a row, with a 50 percent increase in attacks from 2020 to 2021. Industries such as education and manufacturing benefit the most from the Zero Trust architecture, which enables inspection of all Internet traffic to detect suspicious activity and mitigate the growing risk of encrypted attacks.
On the bright side, in 2022, attacks on government organizations and retail decreased by 40 percent and 63 percent, respectively. Retail saw a sharp rise in encrypted attacks in 2021 as attackers exploited pandemic-driven e-commerce trends, which have returned to normal over the past year. Law enforcement agencies around the world have been actively pursuing cybercriminals who target these critical industries, making them less attractive targets for hacker groups looking for a quick buck.
Zscaler blocks 24 billion encrypted attacks
Zscaler blocked 24 billion threats in 2022, a 20 percent increase from 2021 with 20.7 billion attacks blocked and a 314 percent increase from 2020. This shows that cybercriminals are evolving their tactics to avoid detection and get past information security teams. Today, most attacks use SSL or TLS encryption, which is resource-intensive to inspect at scale and is best done via a cloud-native proxy architecture. Although conventional firewalls support packet filtering and stateful inspection, they are only partially suitable for this task due to their limited resources. Therefore, organizations should implement cloud-native architectures that support full inspection of encrypted traffic in accordance with Zero Trust principles.